- Los CIO consideran que la gestión de costes puede acabar con el valor de la IA
- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
- The newest Echo Show 8 just hit its lowest price ever for Black Friday
Tripwire Patch Priority Index for March 2024
Tripwire’s March 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google, and Apple.
First on the patch priority list are patches for Windows Kernel and Multiple Apple products. These CVEs (CVE-2024-21338, CVE-2024-23296, CVE-2024-23225) have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.
Up next are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use-after-free, out of bounds memory access, and inappropriate implementation vulnerabilities.
Next on the patch priority list this month is a patch for Microsoft Office that resolves an elevation of privilege vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 40 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, NTFS, UAS Protocol, Cloud Files Mini Filter Driver, ODBC Driver, Defender, Kerberos, and others.
Next up are patches for .NET, Visual Studio Code, and Azure Data Studio that resolve 2 elevation of privilege and 1 denial of service vulnerabilities.
Lastly, administrators should focus on server-side patches for Exchange Server, Dynamics, SharePoint, Hyper-V and Microsoft Django Backend for SQL Server. These patches several issues including remote code execution, cross-site scripting, and denial of service vulnerabilities.
BULLETIN |
CVE |
CVE-2024-21338, CVE-2024-23296, CVE-2024-23225 |
|
CVE-2024-2173, CVE-2024-2174, CVE-2024-2176 |
|
CVE-2024-26199 |
|
CVE-2024-26169, CVE-2024-21430, CVE-2024-21330, CVE-2024-21334, CVE-2024-21436, CVE-2024-26160, CVE-2024-21445, CVE-2024-21442, CVE-2024-21437, CVE-2024-26181, CVE-2024-21443, CVE-2024-26182, CVE-2024-26176, CVE-2024-26178, CVE-2024-26173, CVE-2024-26177, CVE-2024-26174, CVE-2024-26197, CVE-2024-21439, CVE-2024-26159, CVE-2024-21440, CVE-2024-26162, CVE-2024-21434, CVE-2024-26185, CVE-2023-28746, CVE-2024-21444, CVE-2024-21441, CVE-2024-26161, CVE-2024-21450, CVE-2024-26166, CVE-2024-21435, CVE-2024-20671, CVE-2024-26190, CVE-2024-21451, CVE-2024-21427, CVE-2024-21432, CVE-2024-21411, CVE-2024-21433, CVE-2024-26170, CVE-2024-21429, CVE-2024-21446, CVE-2024-21438, CVE-2024-21390 |
|
CVE-2024-21392 |
|
CVE-2024-26165 |
|
CVE-2024-26203 |
|
CVE-2024-26198 |
|
CVE-2024-21419 |
|
CVE-2024-21426 |
|
CVE-2024-21408, CVE-2024-21407 |
|
CVE-2024-26164 |